We’ve all gotten suspicious emails before. Ones that tell us there’s a package waiting for us and all we need is to enter some info to receive it. Luckily most of these emails get filtered out by our spam settings, but sometimes they can still get through.
These types of fraudulent emails are known as social engineering- one of the most common examples of this is phishing. But social engineering isn’t limited to just emails. Social engineering includes any and all attempts to obtain personal information or account details and use them for financial gain.
Since we’re a licensed bank, we are required by law to verify your identity before you open an account. How you open your account is strictly regulated by financial authorities. It’s very important since your identity is tied to your credit score and can be used for financial purposes like overdraft and personal loans.
In the past few months, we’ve learned of several new fraud methods. Using fake job ads, fraudsters ask for personal information from victims, who believe they are applying for a job at N26 and other companies. Once there, applicants are asked to verify their identity via N26 video chat as part of the recruiting process. Unknowingly, instead of applying for a job, they are opening a bank account. This can then be used for criminal activities such as money laundering. Another social engineering method is to claim to be hiring on behalf of companies. Victims believe they are being hired to test the N26 video verification process. In fact they are opening a bank account. These are social engineering attempts to get you to pass on your personal information so fraudsters can open an N26 account in your name and use it for illegal activities.
Social engineering originates outside of our sphere of influence. However, we take several measures to prevent these practices.
We inform customers that they are opening a bank account When you sign up at N26 via video verification, we make it very clear that you are verifying your identity to open a bank account. This helps keep you aware that you’re not applying for a job or apartment or filling out a survey. We also ask whether the email address you use to sign-up was created by you or if you have received any log-in data from a third person.
We train and test verification agents We have both an in-house team and a partner that performs video calls to verify customers’ identities. We have regular internal spot checks to make sure that customers know they’re signing up for a bank account. Our partner, IDnow also performs regular quality tests and training. We also do spot checks ourselves by using mystery shopping techniques.
What can you do to prevent identity theft through social engineering?
Most important is to be vigilant when opening emails or receiving calls. You should also:
- Avoid giving your account or bank card details to third parties even if they seem to be trustful. This includes your email address, your password, your N26 transaction pin, and your bank and credit card pin.
- Keep your personal information secure and don’t share it with strangers or third parties. This also includes copies of documents like your ID, passport, birth certificate, or driver’s license. Also don’t share personal information publicly on social media.
- Make sure that you trust an organization before entering your info on its site. Ask yourself why they need access to your info. Verify the URL in your browser or the email address if you receive an unusual request. Although a website might look legitimate, the URL may show a variation in spelling or use a different domain.
- Remember that N26 doesn’t have cooperations with job and housing agencies, market research institutes, product testers for e.g. IDNow, credit brokers on external sites that ask you to confirm your identity via a video call. If you come across a third party who asks you to open an N26 bank account to verify your identity, you can be sure it’s a fraud. You can report any suspected cases of phishing to our dedicated email address: email@example.com
We hope these tips are helpful. As always we take your security very seriously and are working our hardest to ensure that no one abuses the trust you give us.